OpenSSL BIGNUM vs. GMP
Adam Back
adam at cypherspace.org
Tue Jan 3 17:51:08 EST 2006
On Tue, Jan 03, 2006 at 10:10:50PM +0000, Ben Laurie wrote:
> Jack Lloyd wrote:
> > Some relevant and recent data: in some tests I ran this weekend
> > [gmp faster than openssl]
> > AFAIK blinding alone can protect against all (publicly known)
> > timing attacks; am I wrong about this?
>
> Yes, you are - there's the cache attack, which requires the attacker to
> have an account on the same machine. I guess I shouldn't have called it
> constant time, since its really constant memory access that defends
> against this.
Does openSSL defend against cache related attacks?
Adam
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list